http://Linux-Sec.net Hardening-Tightening Security_Policy Hardening-HOWTO Linux Distros Distro Patches Kernel-Patches Dedicated Servers Firewalls DNS Servers Mail Servers Web Servers Turn-Off Daemons Tighten Inetd Services Top-10 Vulnerabilities Top-7 Security Mistakes Top-10 Vulnerabilities Top-20 Most Critical Vulnerability Top-10 Virus Scans/Attacks Stats Top-10 Attacks Hacked Servers One Minute Audits OpenPorts Audit AntiVirus - AntiSpam Anti-Spam Anti-Virus spam.wav Wireless [In]Security Sniffers Security Tools SSH_SSL Firewalls MailServer FileSystem VPN Port Scan Detectors IDS Tools LogFile Analysis Ethernet Monitoring Server Monitoring Tracking & Forensics Hackers Tools Audit Tools Port Scanners Hacking Tools DDOS Tools Sniffer Tools Spoof Tools Exploits & Vulnerbilities Wireless Wireless [In]Security Misc Statistics Linux/BSD Distros Links,Articles,WatchDogs Security Mailing Lists/FAQs Liability Insurance 1U Rackmount Chassis Custom-Chassis.com Linux-1U.net 1U-ITX.net ITX-Blades.net Small PC cases Mini-Box.net Wrap-Box.net Wrap-OS.net Wan-Sim.net Linux-Consulting.com Linux-CAE.net Linux-Sec.net Linux-Boot.net Linux-Backup.net Linux-Wireless.org Linux-Office.net Linux-Video.net Linux-VOIP.net Linux-Jobs.net Linux-Diff.net 1U-Raid5.net Linux-Howto.net Spam Reporting Free Linux CDs ISO9660.org Distro-CD.org Patch-CD.org Contact Linux is a registered trademark of Linus Torvalds More Linux Legalese

Linux-Sec.net/Mail Secure Mail Server Secure Pop3 Mail Servers MTA Secure-MTA Wireless-MTA WebMail Servers AntiVirus MIME Detach AntiSpam Sendmail Sendmail Install-HOWTO Example Sendmail Config FIles OpenRelay RBLs Filters RFCs Laws Mail Headers Mail Log Analyzers Monty-Python Songs Mail/Sendmail Simplified AntiSpam Proceedure Download and install the latest Sendmail ... Sendmail-Install-HOWTO Configure and install sendmail.mc Configure sendmail files in /etc/mail Watch your maillog files for errors Simplified Sendmail-Install-HOWTO Sendmail Install URLs Downloading Compiling Testing Owners and Permissions of directories, files Commands Secure Sendmail - AUTH, SSL Linux-Sec.net/Mail Secure MTA Sendmail.net Securing Sendmail Sendmail.org Secure Install Sendmail.com Security Sendmail.org Security Sendmail.org Secure Switch ( TLS ) in 8.11/8.12 sendmail -d0.1 -bv root | grep SASL Sendmail.org SASL_Client Melnikov.ca SASL_CLient Sendmail.org AUTH, SASL in 8.10/8.12 ) Sendmail.org AUTH, SASL Sendmail.org Auth Sendmail.org smtp_auth Sendmail.org AUTH, SASL in 8.10/8.12 Sendmail.net Sendmail.net Secure Sendmail slackwiki.org TLS + SASL testsaslauthd -u yourusername -p yourpassword ClearChain.com Sendmail with TLS and Auth FalkoTimme.com Sendmail-SMTP-AUTH-TLS HowtoForge.com Sendmail-SMTP-AUTH-TLS LinuxJournal.com Securing Sendmail with TLS SourceForge.com Sendmail-SQL Blue-Labs.org Sendmail + postgreSQL, TLS Blue-Labs.org access hints w/ TLS stuff ofb.net Configuring Sendmail's STARTTLS (SSL) and Relaying dsrw.org sendmail + auth + tls/ssl upenn.edu Installing Kerberos Authenticated SMTP Service UnixPeople.com sendmail auth brennan.id.au WebMasterWorld.com saslauthd and SMTP AUTH netfrag.org tls + imap/ssl + ldap + kerberos Hardening Sendmail Linux-Sec.net/Mail Linux-Sec.net/Mail/SecurePop3 SoftPanorama.org LinuxJournal.com LinuxJournal.com Paranoid Penguin: Hardening Sendmail ThaiCert.nectec.or.th Hardening Sendmail chroot Sendmail Linux-Boot.net/Chroot TCU-Inc.com Chroot Sendmail ( chroot all services ) clapper.org sendmail-chroot cyberciti.biz deer-run.com Running Sendmail as an Unprivileged User axllent.org chroot ssmtp Sendmail Anti-Spam Features Sendmail.net check_relay, check_mail, check_rcpt Sendmail.org Sendmail FAQ Sendmail.org Current Release Linux.cu Sendmail ( bat book ) Sendmail.com AntiSpam Sendmail.com AntiVirus Sendmail.org Compiling Sendmail Sendmail.org 8.13.8 Sendmail.org 8.13.7 Sendmail.org 8.13.6 Sendmail.org 8.13.5 Sendmail.org 8.13.4 Sendmail.org 8.13.3 Sendmail.org 8.13.2 Sendmail.org 8.13.1 Sendmail.org 8.13.0 Sendmail.org 8.12.11 Sendmail.org 8.12.10 Sendmail.org 8.12.9 Sendmail.org 8.12.8 Sendmail.org Virtual Domains Sendmail.org Sendmail-8.12.10 - New Features Sendmail.org Header and Subject checking Sendmail.org anti-spam links Sendmail.net antispam in 8.10 Sendmail.org AntiSpam provisions in 8.8 Sendmail.net AntiSpam Features in 8.9 Sendmail.org m4 & sendmail.cf Sendmail.org Features Sendmail.org Sendmail config files/options Sendmail.org AntiSpam Sendmail.org AntiSpam - m4 ( in 8.9 ) Sendmail.org LDAP Sendmail.org Controlled Relaying Sendmail.org Path MTU Sendmail.org w/ links to 8.10, 8.9, 8.8 Sendmail.org debug before using Sendmail.org Anti-UBE FEATUREs - check_* in 8.10/8.11 Sendmail.org check_* in 8.9 Sendmail.org check_* in 8.8 Sendmail.org RelayingDenied in 8.8 - 8.12 Sendmail.org chk-hdrs.m4 Sendmail.org chk-headers.m4 Sendmail.org check_* in 8.8 Sendmail.org check_* in 8.8 anti-relaying Sendmail.org check_mail/check_relay Sendmail.org check_mail Sendmail.org checkmail3 Sendmail.org check_mail ( nospam.m4 ) Sendmail.org protected email Sendmail.org restrict email Sendmail.org norelay in 8.9?? Sendmail.org debugging check_* in 8.8/8.9 Sendmail.org Roaming ( dynamic ip# ) Sendmail.org misc Sendmail.org doc8.12 features Sendmail.org doc8.12 m4 msp Sendmail.org doc8.12 antispam Sendmail.org doc8.11 - whole scoop on the config file Sendmail.org define(options) milter.org bmsi.com Milters in Python EU.org milter filters imasy.or.jp ( japanese ) PureMagic.com GreyListing w/ milter Duh.org dcccd.edu Solaris + Sendmail TMC.edu Solaris - sendmail EBSInc.com Solaris Sendmail AntiSpam *.mc and *.cf Examples Linux-Secn.net Examples with RBL and Check_Local Linux-Sec.net/Mail/etc.mail all of sendmail examples Linux-Sec.net/Mail/etc.mail/sendmail-8.13.8 sendmail-8.13.8 Linux-Sec.net/Mail/etc.mail/sendmail-8.13.7 sendmail-8.13.7 Linux-Sec.net/Mail/etc.mail/sendmail-8.13.6 sendmail-8.13.6 Linux-Sec.net/Mail/etc.mail/sendmail-8.13.5 sendmail-8.13.5 Linux-Sec.net/Mail/etc.mail/sendmail-8.13.4 sendmail-8.13.4 Linux-Sec.net/Mail/etc.mail/sendmail-8.13.3 sendmail-8.13.3 Linux-Sec.net/Mail/etc.mail/sendmail-8.13.2 sendmail-8.13.2 Linux-Sec.net/Mail/etc.mail/sendmail-8.13.1 sendmail-8.13.1 Linux-Sec.net/Mail/etc.mail/sendmail-8.13.0 sendmail-8.13.0 Linux-Sec.net/Mail/etc.mail/sendmail-8.12.11 sendmail-8.12.11 + check_local-5.6 Disallow HTML-ized emails ( usually spammers ) Linux-Sec.net/Mail/etc.mail Sendmail-8.13.3 linux-sec.No.HTML.m4 Linux-Sec.net/Mail/etc.mail Sendmail-8.13.2 linux-sec.No.HTML.m4 Linux-Sec.net/Mail/etc.mail Sendmail-8.13.1 linux-sec.No.HTML.m4 Use whitelist to allow incoming html-based emails from friends check_local ( local copy of check_local-5.x ) the Project seems to be no longer supported ... *pout* Linux-Sec.net/Mail/etc.mail local copy of check_local T-Systems-sfr.com Sendmail-8.12 + Check_local-5.6 DigitalAnswers.org Sendmail-8.12.6 + Check_local-5.4, *.5.5 DigitalAnswers.org Sendmail-8.12.5 + Check_local-5.1 DigitalAnswers.org sendmail-8.12 - check_local-5.0 DigitalAnswers.org sendmail-8.11 - check_local-4.4 uni-hannover.de sendmail-8.9 check_local-3.15 inet-tr.org.tr mirror unix-ag.uni-hannover.de/soft/check_local ( local copy ) web.bilkent.edu.tr sendmail-8.9 + check_local-3.11 BondedSender.org bondedsender.m4 Example Sendmail.mc ( *.mc ) Files Linux-Sec.net/Mail/Sendmail Sendmail.org sendmail-8.12.3 antispam Sendmail.org 8.12.6 Sendmail Config file Sendmail.org antispam Sendmail.org Simplest m4 Sendmail.org define(options) Sendmail.org options Mail-Abuse.org/dul m4 Examples Caldera.com rules, options Freenet.de options Redhat.com RH-Sendmail-HOWTO Redhat.com sendmail.mc uWaterloo.ca common options tLDP.org simple m4 Montana.edu Detailed info fct.unl.pt antispam for pop3 Franken.de /etc/mail/* SDSC.edu local_config w/ regular expression too rutgers.edu sendmail-8.12 macro Hserus.net sendmail-8.10 Glennf.com sendmail-8.9 m4 macros ( explanation too ) duke.edu sendmail-8.8 junkmail.m4 macros oit.duke.edu junkmail.m4 purdue.edu sendmail-8.8 LinuxWorld.com Configuring Redhat's sendmail Princeton.edu UIUC.edu Sendmail Tutorial Blacksun.box.sk Sendmail Tutorial w/ sendmail DoS Colorado.edu Akadia.com Sendmail Tips ( german w/ pics ) Visi.com SpamFilters Sial.org Examples Freenet.de delay_check, check_local, etc FAQs.org Securing Redhat FAQs.org Sendmail Redhat.com sendmail.mc Lint.ne.jp kanji *.mc kpu-m.ac.jp kanji *.mc DNS checking niu.edu require_rdns niu.edu require_rdns.m4 ( proper reverse dns ) Sial.org sendmail-8.12 - mail proxy + rlytest - dnsbl meiway.com itsaDNSmess RBL checking Sial.org dnsbl.mc MegaCity.org rhsbl.m4 MegaCity.org dnsbl.m4 Header checking Sendmail.org Header and Subject checking Sendmail.org chk-headers.m4 Stud.Uni-Hannover.de check_header.m4 ( 8.9 ) kyunghee.ac.kr spam-killer.m4 header checking Linux-Sec.net header_chk.m4 ( modified from kyunghee.ac.kr ) ErinJones.org strip headers check_* checking Sans.org sample sendmail.mc file near bottom Usenix.org check_rcpt, extended_check_rcpt Austria.eu.net check_rcpt Suse.de SpConnect.com sendmail m4 macros w/ procmail flora.org sendmail-8.8 -> 8.9 m4 coruscant.demon.co.uk mc + cf example Onet.on.ca sendmail-8.8 - EMail Anti-spam Policies AbNormal.com Sendmail Regex Additional Sendmail.cf ( CF ) Snips uni-kiel.de sendmail-8.10/11 - antispam standard features uni-kiel.de sendmail-8.9 check_* uni-kiel.de sendmail-8.8 check_mail, check_rcpt BPFH.net Visi.com SpamFilters gToal.com /etc/sendmail-config/scores/spammers.db kame.net check_mail, check_relay, check_rcpt ncku.edu.tw check_rcpt, check_mail Sprocket.com check_mail, check_rcpt esva.net check_rcpt vlug.org Arachnoid.com antispam - /etc/spammers.txt Stedwards.edu More Sendmail.cf Explanations tLDP.org Interpreting and Writing Rewrite Rules Sendmail.org whole scoop on the config file Montana.edu config options Cisco.com HP.com Sun.com Usenix.org Caldera.com managing spam Caldera.com gory details for R & S rules Caldera.com more R & S rules DCCCD.edu LHS Symbol description UWaterloo.ca dealing with spammers ntua.gr macro explanation UWSG.iu.edu Debugging options cs.colorado.edu Mit.edu Harvard.edu purdue.edu sendmail-8.8 Univie.ac.at Tripod.com mailqa Professional.org procmail stedwards.edu demon.co.uk sangmyung.ac.kr check_mail, check_rcpt tutorial Zepa.net Sendmail.cf options Spandrel.com CPAN.org Sendmail Macros with its anti-spam features turned on Linux-Sec.net/Mail/etc.mail/sendmail-8.13.x sendmail-8.12.x Sendmail Macros Convert config.mc into config.cf ( sendmail.cf ) cd /usr/local/src/sendmail-8.12.x/cf/cf ; sh Build config.cf sendmail-8.12.x.generic.mc --> generic sendmail ( config.generic.mc ) Sendmail w/ RBL enabled rbl.howto sendmail-8.13.8.rbl.mc sendmail-8.13.7.rbl.mc sendmail-8.13.6.rbl.mc sendmail-8.13.5.rbl.mc sendmail-8.13.4.rbl.mc sendmail-8.13.3.rbl.mc sendmail-8.13.2.rbl.mc sendmail-8.13.1.rbl.mc sendmail-8.13.0.rbl.mc sendmail-8.12.11.rbl.mc sendmail-8.12.10.rbl.mc sendmail-8.12.9.rbl.mc sendmail-8.12.8.rbl.mc Sendmail w/ Header and Subject Checking Sendmail.org Header and Subject checking check_local.howto sendmail-8.13.1.check_local.mc ( did not test ) sendmail-8.13.0.check_local.mc ( did not test ) sendmail-8.12.11.check_local.mc sendmail-8.12.10.check_local.mc sendmail-8.12.9.check_local.mc sendmail-8.12.8.check_local.mc Visi.com SpamFilter Requires check_local Requires sendmail to be compiled w/ -DREGEX enabled Requires linux-sec.m4 or other check_header.m4 definitions you desire Sendmail - Disallow HTML-ized (mostly spammer) emails You will need to add your friends to a whitelist to allow their incoming emails linux-sec.No.HTML.m4 Linux-Sec.html.m4 Linux-Sec.html.m4 Installing Sendmail with its anti-spam features turned on Antispam Sendmail Install Howto Linux-Sec.net Anti-Spam sendmail.cf Howto ( RBL checking ) Linux-Sec.net Anti-Spam sendmail.cf Howto ( header and subject checking ) Linux-Sec.net Sendmail Install Howto Sendmail.org Setup Cork.linux.ie Install sendmail ( untested by our crew) Kent.edu Sendmail Installation and Operation Guide FreeBSD.org Sendmail Installation and Operation Guide cd /usr/local/src/sendmail-8.12.x Backup your existing sendmail configs tar sendmail.backup.tgz /etc/mail/* /etc/sendmail* /usr/sbin/*mail* /usr/bin/*mail* sh Build sh ./Build -c ( make clean after changing site.config.m4 ) sh Build install cd /usr/local/src/sendmail-8.12.x/cf/cf 1. cp generic-linux.mc config.mc -- does NOT have antispam features enabled -- or -- 2. wget http://www.Linux-Sec.net/Mail/etc.mail/sendmail.rbl.mc config.mc -- has rbl features turned on -- or -- 3. wget http://www.Linux-Sec.net/Mail/etc.mail/sendmail.check_local.mc config.mc -- requires check_local-5 sh Build config.cf ../../obj.Linux.2.4.20.i586/sendmail/sendmail -d72 -bt -Cconfig.cf cp config.cf /etc/mail/sendmail.cf cp config.mc /etc/mail/sendmail.mc Restart your new MTA /etc/rc.d/init.d/sendmail stop ; sleep 5 ; /etc/rc.d/init.d/sendmail start sendmail-8.12.x -L sm-mta -bd -q15m Configure your mail files in your /etc/mail Makefile access who can send emails to you virtusertable who can receive emails to you and where it goes local-host-names virtual domains you support ( sendmail.cw ) relay-domains virtual domains that can send out emails sendmail.mc anti-spam features ( RBL and header_checking ) turned on sendmail.cf resulting file header_chk.m4 check the headers known-headers .. other config files .. cd /etc/mail ; make -- to create the databases Restart sendmail Restarting Sendmail /etc/rc.d/init.d/sendmail stop /etc/rc.d/init.d/sendmail start Manually Starting sendmail MTA daemon: /usr/sbin/sendmail -L sm-mta -bd -q5m ; ps axuwf Manually Starting sendmail MSP queue runner: /usr/sbin/sendmail -L sm-msp-queue -Ac -q5m ; ps auxwf Testing Sendmail with its anti-spam features turned on Uni-kiel.de uwo.ca general sendmail.cf tests tLDP.org ebone.at macro explanation Montana.edu Good Testing info ZoneEdit.com uibk.ac.at exploiting sendmail bugs pi4arctan1guy.tripod.com exploiting sendmail bugs cotse.com exploiting MTA's phreak.org exploiting MTAs Online Testing vger.kernel.org online MX testing Zmailer.org online MX testing Testing some accounts BrandonHutchinson.com Savemail Panic These must aliases must exist and work vi /etc/mail/aliases MAILER-DAEMON: postmaster postmaster: real-user newaliases -or- asendmail -bi sendmail -bv MAILER-DAEMON sendmail -bv postmaster Testing some accounts sendmail -bt -Cnewtest.cf sendmail -d0.1 -bt < /dev/null ( version/options ) sendmail -d0.1 -bv ( versions/options ) sendmail -d0.1 -bv root sendmail -v -bv fake sendmail -v -bv real_user sendmail -v -bv fake@your_domain.com sendmail -v -bv real_user@your_domain.com sendmail -d0-8.20 -bt real_user@your_domain.com < /dev/null sendmail -oem real_user@your_domain.com < /dev/null echo '/mx earthlink.net' | sendmail -d8.8 -bt echo '/map access cyberpromo.com' | sendmail -bt echo '/map access cyberpromo.com' | sendmail -bt -d0.13 echo '/map access 1.2.3.4' | sendmail -bt -d0.13 echo '/map virtuser user@sub.domain.com' | sendmail -bt -Am echo '3 user@sub.domain.com' | sendmail -bt -Am echo 3,0 user@domain.com | sendmail -bt -d38.20 echo '$=w' | sendmail -bt -d0.4 | sort echo '$=w' | sendmail -bt echo '$=R' | sendmail -bt -d0.13 mailserver:~# sendmail -bt -Csendmail.new.cf > checkmail <fake@your_domain.com> > checkmail <anyone@cyberpromo.com> > /map access cyberpromo.com > /map virtuser foo@virtualDomain.com > 3,0 WebMaster@VirtualDomain.com > 3,0 RealUser@VirtualDomain.com > ^D (stuff) - 550 You are banned, contact your local admin (stuff) - 550 This domain is banned, contact your local admin (stuff) - 550 Access denied -- ( if listed in /etc/mail/access ) check your log file ( /var/log/maillog ) for typical/proper spam-detection operations somebody@somewhere.com --> Rejects due to RBLs somebody@fake-domains.com --> domain must resolve anybody@cyberpromo.com --> Access denied sneaky@open-relay.com --> Relaying denied fake-user@real-domain.com --> non-existent user Error Messages Bcpl.net Error messages nps.navy.mil Errors RootsWeb.com Sendmail bounce messages Zvon.org RFC 2821 Error Codes Ginini.com.au BMS - sendmail error codes w/ html report pku.edu.cn SMTP error codes NetworkSorcery.com SMTP commands and error codes

Copyright © 2000	Linux-Consulting	All Rights Reserved.	Updated: Fri Jul 2 00:32:25 2010 PDT